Hello Oliver, case-in-point: I am running ClamAV because I just finished ridding my Windows portion of my Linux/Windows systems of a very nasty un-deletable (except for sysresccd.org Linux CD) trojan browser hijacking virus. In the process I discovered my TrendMicro was useless except for the hijackthis application TrendMicro falls-back on when one of their customers (in this case me) is out-of-options. The clamav signatures just went over 500,000 and appear to be growing at a phenomenal rate. Another link which IMHOP is a way of white-listing a Windows .DLL or .EXE can be found at: http://www.processlibrary.com/. No, uploading needed just type in the filename e.g. (ddCcUuOi.dll) and if they return with an: Oops! we don't have that one... means this file is not needed by your Windows install and therefore, in-all-likelihood, can be deleted without harming your Windows install. So far, I have deleted everything found or viewed as suspicious without incident.
Kurt: thanks for the link. Regards, David. Oliver Schwabedissen wrote .. > Am Montag 09 Februar 2009 schrieb Kurt Buff: > > > If it were me, I'd submit the file(s) to http://www.virustotal.com and > > see what they have to say. > > Thanks for the link. I tried virustotal.com and they didn't find an infection. > > I also scanned the files again with the current virusdb (8968, released today) > and clamav didn't find any infections anymore. > > So although updates 8967 and 8968 don't mention Pinit-4 it seems one of the > updates contained a fix. > > -- > Ciao, > Oliver > > GPG Public Key available at http://wwwkeys.de.pgp.net > Key fingerprint = 3264 280C 05B1 572F 3F0B 42B8 1E7B 2D9D 063B D507 > Pat sprinkles each CD with pixie dust. > From: Michael
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
